network/roles/certbot_dns/templates/certbot-auth.j2

14 lines
306 B
Plaintext
Raw Normal View History

2023-12-18 10:22:14 +00:00
#!/bin/sh
dns={{ dns[0] }}
ldap_user={{ lookup("passwordstore", "vm/"~inventory_hostname, subkey="ldap_user") }}
2023-12-18 10:22:14 +00:00
ttl=10
kinit -k -t /etc/krb5.keytab "${ldap_user}"
nsupdate -g <<EOF
server ${dns}
update add _acme-challenge.${CERTBOT_DOMAIN} ${ttl} TXT ${CERTBOT_VALIDATION}
send
EOF
sleep $(( ttl + 5 ))